[HIGH] AVideo affected by unauthenticated application takeover via exposed web installer on uninitialized deployments

PKSA-3jbs-pwhv-9v32 CVE-2026-33038 GHSA-2f9h-23f7-8gcx

Affected package: wwbn/avideo

Affected version: <=25.0

Reported by:
GitHub